Authplane JWT validation for servers built on the official MCP Python SDK.
pip install authplane-mcpSupported mcp range: >=1.23.0, <1.28.0. MCP 1.28 renamed the elicitation field from elicitationId (camelCase) to elicitation_id (snake_case), which breaks this adapter's current wire handling. If your project needs MCP 1.28+, please open an issue — the adapter update is straightforward, we just haven't cut it yet.
import asyncio
from authplane_mcp import authplane_mcp_auth, require_scope
from mcp.server.fastmcp import FastMCP
async def main() -> None:
auth_result = await authplane_mcp_auth(
issuer="https://auth.company.com",
resource="https://mcp.company.com",
scopes=["tools/query", "tools/write"],
)
mcp = FastMCP("My MCP Server", port=8080, json_response=True, **auth_result)
@mcp.tool()
async def query_database(query: str) -> str:
require_scope("tools/query")
return f"Result for: {query}"
try:
await mcp.run_streamable_http_async()
finally:
await auth_result.aclose()
asyncio.run(main())auth_result holds background JWKS and metadata refresh tasks bound to the running event loop. Keep the setup, server, and aclose() inside a single asyncio.run(main()) so those tasks stay alive for the server's lifetime.
PRM behavior, dev mode, revocation checking, manual setup, the full authplane_mcp_auth / AuthplaneTokenVerifier API, and error handling: User Guide.